Tagged: 

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • #40708
    AvatarAkabueze
    Participant

    Hello, please why is it I get conflicting results when I scan with with or anitscan.me and virscan.org. Some results are clean in one but are infected in the next one. This is after use HEX tool. Also what other tool like hex because scan on a antiscan.me is detecting up to 10 even after hex edit.

    #40719
    diegodiego
    Moderator

    Hi Akabueze!
    Basically bypassing AV programs is like a game of cat and mouse, so backdoors might start getting detected at some stage, then the developers release an update, this will allow you to generate undetectable backdoors, then AV programs release an update which will make backdoors detectable ……..

    So the main thing is to make sure that Veil or any other tool you’re using to generate the backdoor is up to date.​​

    Here’s a few solutions to try if your backdoor is getting detected:

    1. Make sure that you have the latest version of Veil, so do ​updated ​before doing ​use 1.

    ​2. Experiment with different payloads, and experiment with different payload options and you should be able to bypass it.​

    3. Try generating a backdoor using the fat rat, empire.

    4. Modify backdoor code if its in bat as shown in lecture 33.

    5. Modify backdoor using a hex editor as shown in lecture 40.

    6. Create your own backdoor (covered in python course).

    The best thing to do is look at the last lecture of the course (bonus lecture) it contains all the courses that you can take with this course and a comparison between them.
    Hope it helps!
    Diego

    #40722
    AvatarAkabueze
    Participant

    Is the zloggers and Lazagne that I have this problem with.

    #40779
    diegodiego
    Moderator

    Hi!
    Then you’ll need to stick to point 5 as you have the executables already.

    Let me know how it goes!
    Diego

Viewing 4 posts - 1 through 4 (of 4 total)
  • You must be logged in to reply to this topic.